search cancel

Policy Based Encryption Essentials recipient side behavior

book

Article ID: 150694

calendar_today

Updated On:

Products

Email Security.cloud

Issue/Introduction

 

Resolution

This article explains how encrypted emails sent from customers of the Email Security Services (ESS), using the Data Protection based Policy Based Encryption (PBE) Essentials solution, are received and handled by 3rd party recipients.

  • When a PBE Essentials customer sends an encrypted email to a new recipient, one that doesn't yet have an established PDF password with the encryption service. The recipient is first sent an email where he/she is prompted to set up a password. After accessing the link and setting the password, the registration page confirms that the password was saved successfully and that the encrypted content will be delivered shortly.

  • The recipient gets the email with the encrypted PDF attached, which contains the original email sent by the customer of the ESS service. In order for the PDF to be opened, it will ask for the password that was set up for this recipient address.

  • The system will use the current PDF password that the recipient has each time he/she is sent new encrypted emails. This also applies to encrypted emails sent from other users of the ESS service to the same recipient.

  • The password stays the same until the recipient decides to change the password. PDF passwords do not expire on their own, but the recipient can request to change their password via the Password Recovery link that is given to them each time they receive a new encrypted PDF.
    • In the case of a user that has changed their PDF password at least once, they will have more than one password registered. They will have a current PDF password and they will have one or more historical passwords depending on how many times they’ve changed their password. Historical passwords are kept in the event that the user needs to open an older encrypted PDF that was encrypted with a password they used to have.